Website Design, Development and Hosting
CSMB's website design services include the planning, design, build, configuration and management of websites and online applications delivered in the cloud on a Content Management System you control. CSMB work to understand your business drivers, target audiences and objectives thus helping our clients deliver the best possible first impression.
Features
- Website & Brand Design
- Website Development
- Website Hosting & Support
- Fully Responsive Website Working Across Desktop, Tablets and Mobiles
- Testing Across all Browsers & Devices
- Fast & Agile Project Delivery
- Online Enquiry & Other Forms, Questionnaires, Surveys & E-Commerce
- Flexible User Security & Publishing Rights Giving You Full Control
- Umbraco Content Management System
- Tier 1 UK Based Data Center for Hosting and Support
Benefits
- Experiences Delivery Team
- Custom Design Helping You Stand Out
- Easily Update & Manage Your Website 24/7
- Projects Are Delivered On Time & On Budget
- Range Of Support Options Available
Pricing
£350 to £750 a person a day
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 1 9 0 3 0 0 1 8 3 5 3 5 2 2
Contact
Consult SMB Limited
Stephen Bear
Telephone: 02034112321
Email: stephen.bear@consultsmb.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- None
- System requirements
- Windows Enviroment
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 1 Hour, Mon - Fri 9 am - 5.30 pm
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Users can't send and receive files or video.
- Web chat accessibility testing
- We use a market leading web chat tool so rely on their in house testing
- Onsite support
- Onsite support
- Support levels
-
Severity Level 1
CSMB Acknowledgement (not to exceed) One (1) hour
Resolution Plan Available (not to exceed) Four (4) hours
Resolution Target (not to exceed) Two (2) business days*
Severity Level 2
CSMB Acknowledgement (not to exceed) Two (2) hour
Resolution Plan Available (not to exceed) Eight (8) hours
Resolution Target (not to exceed) Four (4) business days
Severity Level 3
CSMB Acknowledgement (not to exceed) Three (3) hour
Resolution Plan Available (not to exceed) Two (2) business days
Resolution Target (not to exceed) Five (5) business days
Severity Level 4
CSMB Acknowledgement (not to exceed) Eight (8) hour
Resolution Plan Available (not to exceed) Four (4) business days
Resolution Target (not to exceed) as agreed by CSMB and CLIENT
*Where is it possible to resolve the issue.
Note 1: Work hours are 9.00 –17.30 Local UK Time, Monday to Friday, excluding English Public Holidays
Note 2: Apart from severity 1 calls, that will always be responded to via phone, the default response communication route will be the same as the incoming communication, unless the initial escalation request states a specific response requirement e.g. instant Message, telephones, e-mail or specific Client site contact point, etc. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Full UAT support leading into Onsite and Offsite training as well as ongoing Online training. Crib sheet documentation is also provided.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
- Standard Extract tools are available for users to extract and download their data. Data can also be supplied upon request.
- End-of-contract process
- The users terminates their contract and is free to move away without any penalty charges. If specific professional services are requested they can be purchased at the rate card prices.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AAA
- Description of service interface
- Full CMS Access
- Accessibility standards
- WCAG 2.1 AAA
- Accessibility testing
- Standard UAT testing
- API
- No
- Customisation available
- Yes
- Description of customisation
- Full Content Management access. Users access securely with a UN and PW and chose the elements they wish to customise.
Scaling
- Independence of resources
- Load balanced server environment with bandwidth which up scales on demand.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- There is an interface in the content management system.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- We utilise an ISO accredited cloud platform, which has been built using the latest technologies to ensure high availability and resilience across multiple UK data centres. Uptime is quoted at 99.99%. The Datacenter is ISO 27001 , ISO 14000, ISO 9001 accredited.
- Approach to resilience
- All servers are hosted within a replicated load balanced environment. The environments are virtual allowing for rapid deployment either initially or in the event of a failure. The environment is replicated in real time to a second back up site location to allow for fail over in the event of a failure.
- Outage reporting
- Email Alerts and Updates as well as a updating postings on the support portal.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Usernames and Passwords have roles assigned to them. These roles control the elements of the service that are made available to that user. The Support portal is also access by username and password which in turn provides the permissioned user with information, the knowledge base and gives the ability to raise a support ticket.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Whilst we don't hold a BSI accreditation, our operations and solutions are delivered in line with BSI 9001, BSI 1400 and internal audits are carried out to ensure continued adherence to these standards.
- Information security policies and processes
- We have an in house Information Security Policy that will be provided to prospective clients upon request. The policy covers all aspects of our business, and is reviewed quarterly in our management meetings. The policy includes: Introduction, Objectives, Aim and Scope, Objectives, Responsibilities for Information Security, Legislation, Policy Framework, Management of Security, Information Security Awareness Training, Security Control of Assets, Access Controls, User Access Controls, Computer Access Control, Application Access Control, Equipment Security, Computer and Network Procedures, Information Risk Assessment, Information security events and weaknesses, Classification of Sensitive Information, Protection from Malicious Software, User media, Monitoring System Access and Use, Accreditation of Information Systems, System Change Control, Intellectual Property Rights, Business Continuity and Disaster Recovery Plans, Reporting, Policy Audit.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All changes are managed through an internal CRM / Support Desk system. Changes are evaluated, designed, built and tested. When available for deployment, scheduled maintenance windows are created and updates are deployed, all of which are audit tracked and documented in the CRM / Support Desk system.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Penetration testing by the data center and regular firewall updates are the primary method to protect against vulnerability. Monitoring of logs gives insight into the source of potential threats, if any are identified then any recommended updates or patches are deployed as a matter of urgency. Regular internet research is also used to locate domestic and global threats.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Spikes in traffic, increases on port blocks enable us to identify potential compromises. Any identification is dealt with immediately with senior management being involved in any responses to an incident.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have an incident and corrective action policy which outlines the internal process for dealing with an indecent. The policy includes the escalation process, the communication process all based on a severity level. Incidents are reported via the Support portal and they are issued a severity level. Depending upon the severity level the correct escalation and response targets are assigned and then tracked against the initial support ticket that was raised. Regular updates are provided to clients for all incidents that are reported
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
WellbeingWellbeing
We deliver platforms to help with health and wellbeing, both physical and mental.
Pricing
- Price
- £350 to £750 a person a day
- Discount for educational organisations
- Yes
- Free trial available
- No